Job description
Join to apply for the Principal Security Engineer (OCI) role at Oracle .
At Oracle Cloud Infrastructure (OCI), we build the future of the cloud for enterprises. We act with the speed and attitude of a start-up, combined with the scale and customer focus of the leading enterprise software company in the world.
The Enterprise Engineering team is responsible for ensuring the security and compliance of internal systems by performing regular audits, identifying gaps in existing standards, and actively enhancing the organization’s overall security framework using automation. We are an internal security and compliance team tasked with maintaining the security of all systems and ensuring compliance with various security frameworks. The candidate is expected to be in Oracle’s Nashville office - 5 days/week.
This role supports the strengthening of Oracle’s security posture, focusing on one or more of the following areas: regulatory compliance, risk management, Zero Trust Network Access (ZTNA), security policy development and enforcement, and Threat and Vulnerability Management.
Regulatory Compliance: Manage programs that establish, document, and track compliance with industry and government standards and regulations (e.g., Risk Management: Assess information security risks in complex environments and help implement security solutions and programs.
Cloud Security: Knowledge of cloud security principles and best practices across platforms; Network Security: Knowledge of network security, firewalls, VPNs, IDS/IPS, and network segmentation; Threat and Vulnerability Management: Research, evaluate, and manage information security threats and vulnerabilities.
Develop and manage information security governance, including policies, procedures, standards, baselines, and guidelines to ensure secure operation of information systems.
Build application security framework review processes (e.g., Design secure system architectures in the cloud, incorporating zero-trust models, network segmentation, and access control.
Monitor network traffic and security events to detect and respond to threats.
Conduct regular vulnerability assessments and penetration tests on network and cloud infrastructure.
Support configuration and management of firewalls, VPNs, IDS/IPS, and cloud-native security tools.
Perform code reviews and security testing (SAST, DAST); enforce secure coding practices across the SDLC with CI/CD tools; Develop and monitor configuration management automation and IaC strategies for a secure-by-design framework.
Monitor information systems for security incidents and vulnerabilities; provide visibility and reporting to IT and executive management.
Lead security projects and initiatives using Agile or Waterfall methodologies.
Architect and operate information system security controls; train staff in system administration and operations.
Develop cybersecurity documentation (SSP, PIA, CMP, POA&M, SOP) as required.
provide metrics to cybersecurity leadership and brief executives on compliance matters.
Relocation assistance is provided. Bachelor’s degree in computer science, Information Security, or a related field; 10+ years of experience in cybersecurity, security architecture, or related security roles, with focus on cloud environments, automation workflows, incident detection and response, and vulnerability remediation.
Industry certifications such as CISSP, OSCP, CISM, GIAC, or cloud security specialties (OCI, AWS, Azure) are highly preferred.
Proven expertise in security architecture, threat modeling, and risk management at an enterprise level.
Strong knowledge of network and cloud security (OCI, AWS, Azure, GCP); experience with IAM, cryptography, secure coding, and zero-trust.
Experience with SAST/DAST, secure coding practices, and CI/CD tooling; scripting (Bash, Python, Perl, YAML) and IaC (Terraform, CloudFormation).
Certain US customer or client-facing roles may require immunization/occupational health mandates. This posting includes a salary range for the US: $109,200 - $223,400 per year, with potential bonus and equity. Oracle offers a comprehensive benefits package as described.
Oracle is a world leader in cloud solutions, committed to an inclusive workforce and opportunities for all. Accessibility accommodations are available upon request at View email address on click.appcast.io is an Equal Employment Opportunity Employer.
Full-time
Information Technology
Industries: IT Services and IT Consulting
Referrals increase your chances of interviewing at Oracle. Get notified about new Principal Security Engineer jobs in Nashville, TN.
#J-18808-Ljbffr Oracle
Requirements
• Bachelor’s degree in computer science, Information Security, or a related field; 10+ years of experience in cybersecurity, security architecture, or related security roles, with focus on cloud environments, automation workflows, incident detection and response, and vulnerability remediation
• Proven expertise in security architecture, threat modeling, and risk management at an enterprise level
• Strong knowledge of network and cloud security (OCI, AWS, Azure, GCP); experience with IAM, cryptography, secure coding, and zero-trust
• Experience with SAST/DAST, secure coding practices, and CI/CD tooling; scripting (Bash, Python, Perl, YAML) and IaC (Terraform, CloudFormation)
• Certain US customer or client-facing roles may require immunization/occupational health mandates
